contracts - DOCX / PDF
Data Processing Agreement
GDPR/CCPA-compliant DPA defining data processor obligations, security measures, and breach notification
Data Processing Agreement
Party 1 (Name / Company)
Party 1 Address
Party 2 (Name / Company)
Party 2 Address
Effective Date
Data controller
Subject matter
Types of personal data
Data subjects
Processing duration
Technical and organizational measures
Sub-processor
Data subject rights
Data breach notification
Audit rights
Duration / End Date
Signature
Signature
Required when sharing personal data with service providers under GDPR/CCPA.
Key Sections
- Data controller and data processor identification
- Subject matter and purpose of processing
- Types of personal data processed (categories)
- Data subjects (customers, employees, website visitors)
- Processing duration and data retention
- Technical and organizational measures (encryption, access controls, backups)
- Sub-processor management (list, approval process, flow-down)
- Data subject rights assistance (access, deletion, portability)
- Data breach notification (72-hour notification to controller)
- Audit rights and cooperation
- Cross-border transfers (SCCs, adequacy decisions)
- Data return/deletion upon termination
Standard Contractual Clauses (SCCs) attachment for international transfers. Records of processing activities obligation.
Customize for your specific data flows, security measures, and jurisdiction in PDFb2.
More contracts Templates
Affiliate Partnership Agreement
Affiliate agreement with commission structure, cookie duration, prohibited methods, and payment terms
App Development Contract
Mobile app development agreement with milestone deliverables, IP assignment, and app store submission
Artist Consignment Agreement
Art gallery consignment contract with commission split, insurance, display terms, and sale procedures
Artist Management Contract
Agreement template for artist management arrangements